Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Pierluigi Paganini July 07, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

GootLoader is still active and efficient
Hackers stole OpenAI secrets in a 2023 security breach
Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes
Polyfill.io Supply Chain Attack: 384,773 hosts still embedding a polyfill JS script linking to the malicious domain
New Golang-based Zergeca Botnet appeared in the threat landscape
Microsoft discloses 2 flaws in Rockwell Automation PanelView Plus
Hackers compromised Ethereum mailing list and launched a crypto draining attack
OVHcloud mitigated a record-breaking DDoS attack in April 2024
Healthcare fintech firm HealthEquity disclosed a data breach
Brazil data protection authority bans Meta from training AI models with data originating in the country
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
Polish government investigates Russia-linked cyberattack on state news agency
Evolve Bank data breach impacted fintech firms Wise and Affirm
Prudential Financial data breach impacted over 2.5 million individuals
Australian man charged for Evil Twin Wi-Fi attacks on domestic flights
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware
Critical unauthenticated remote code execution flaw in OpenSSH server
Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania
Juniper Networks fixed a critical authentication bypass flaw in some of its routers
Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769
Russia-linked Midnight Blizzard stole email of more Microsoft customers
Russia-linked group APT29 likely breached TeamViewer’s corporate network

International Press – Newsletter

Cybercrime  

USD 257 million seized in global police crackdown against online scams  

Man charged over creation of ‘evil twin’ free WiFi networks to access personal data  

Europol coordinates global action against criminal abuse of Cobalt Strike

  

 

         

  

Malware

 

 

            

Hacking

Perma-Vuln: D-Link DIR-859, CVE-2024-0769   

        

  

  

  

  

Intelligence and Information Warfare 

  

 

China-Nexus Threat Group ‘Velvet Ant’ Exploits Cisco Zero-Day (CVE-2024-20399) to Compromise Nexus Switch Devices – Advisory for Mitigation and Response

 

       

Cybersecurity  

  

   

   

   

  

 

  

Follow me on Twitter:  and  and Mastodon

(SecurityAffairs – hacking, newsletter)



you might also like

leave a comment